changeset 3966:9f85369294f3

doc (encryption, cli): pubsub signing documentation: - add a `Pubsub Signature` section to `encryption` documentation - document `-X, --sign` flag where it's used - document `pubsub/signature` subcommands fix 381
author Goffi <goffi@goffi.org>
date Sun, 30 Oct 2022 01:06:58 +0200
parents 2695dafc5c4d
children f461f11ea176
files doc/conf.py doc/encryption.rst doc/libervia-cli/blog.rst doc/libervia-cli/pubsub.rst doc/libervia-cli/pubsub_signature.rst
diffstat 5 files changed, 88 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/doc/conf.py	Sun Oct 30 01:06:58 2022 +0200
+++ b/doc/conf.py	Sun Oct 30 01:06:58 2022 +0200
@@ -47,6 +47,13 @@
   To publish an end-to-end encrypted item, you can use the ``-e, --encrypt`` flag, and
   share secrets with :ref:`libervia-cli_pubsub_secret`. Please read
   :ref:`pubsub-encryption` for more details.
+
+.. |sign_arg| replace::
+  To cryptographically sign an item, you can use the ``-X, --sign`` flag (a mnemonic way
+  to remember the short option is to think of a cross made as a signature on a document).
+  Signature can then be checked with :ref:`libervia-cli_pubsub_signature`. Please read
+  :ref:`pubsub-encryption` for more details.
+
 """
 
 # If your documentation needs a minimal Sphinx version, state it here.
--- a/doc/encryption.rst	Sun Oct 30 01:06:58 2022 +0200
+++ b/doc/encryption.rst	Sun Oct 30 01:06:58 2022 +0200
@@ -92,3 +92,36 @@
 
 .. _OpenPGP: https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP
 
+Pubsub Signature
+================
+
+By default, identity of the publisher of a pubsub item is difficult to authenticate: it
+may be specified by the pubsub service (using the `"publisher" attribute`_), but this
+attribute is not set by all pubsub services, and it can be spoofed by the service or the
+XMPP server.
+
+To strongly authenticate the publisher of a pubsub item, it is possible to cryptographically sign an item. This can work with any pubsub item, encrypted or not, and it can be done after the item has been published. The process use `Pubsub Signing protoXEP`_
+
+.. note::
+
+   Pubsub Signing specification is not currently an official XEP (XMPP Extension
+   Protocol), it is about to be examinated by "XMPP council". This documentation will be
+   updated with the evolution of the situation.
+
+.. attention::
+
+   Signature only certifies that the signers strongly link themselves with this version of
+   the item, not that the signers are the original authors of the item. In other words, it
+   prevents somebody to say that somebody else has published something (the signature
+   would be missing or invalid), but the published data may come from anywhere. Also keep
+   in mind that a security breach (stolen encryption keys, major bug somewhere) is always
+   possible.
+
+
+To handle pubsub signatures from command line, you may use
+:ref:`libervia-cli_pubsub_signature`.
+
+.. _"publisher" attribute: https://xmpp.org/extensions/xep-0060.html#publisher-publish-success-publisher
+
+.. _Pubsub Signing protoXEP: https://github.com/xsf/xeps/pull/1228
+
--- a/doc/libervia-cli/blog.rst	Sun Oct 30 01:06:58 2022 +0200
+++ b/doc/libervia-cli/blog.rst	Sun Oct 30 01:06:58 2022 +0200
@@ -18,6 +18,8 @@
 
 |e2e_arg|
 
+|sign_arg|
+
 examples
 --------
 
@@ -107,6 +109,8 @@
 
 |e2e_arg|
 
+|sign_arg|
+
 examples
 --------
 
--- a/doc/libervia-cli/pubsub.rst	Sun Oct 30 01:06:58 2022 +0200
+++ b/doc/libervia-cli/pubsub.rst	Sun Oct 30 01:06:58 2022 +0200
@@ -26,6 +26,8 @@
 
 |e2e_arg|
 
+|sign_arg|
+
 .. _XEP-0060 ยง7.1.5: https://xmpp.org/extensions/xep-0060.html#publisher-publish-options
 
 example
@@ -83,6 +85,8 @@
 
 |e2e_arg|
 
+|sign_arg|
+
 example
 -------
 
@@ -458,6 +462,11 @@
 Subcommands to add or remove data attached to pubsub items. Please check
 :ref:`libervia-cli_pubsub_attachments`.
 
+signature
+=========
+
+Subcommands to handle items signature. Please check :ref:`libervia-cli_pubsub_signature`.
+
 secret
 ======
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/doc/libervia-cli/pubsub_signature.rst	Sun Oct 30 01:06:58 2022 +0200
@@ -0,0 +1,35 @@
+.. _libervia-cli_pubsub_signature:
+
+=================================================
+pubsub/signature: Sign and Check Items Signatures
+=================================================
+
+``signature`` group commands to handle pubsub item cryptographic signatures:
+
+You can check :ref:`pubsub-encryption` to have overview on how it works.
+
+sign
+=====
+
+Sign a pubsub item using OpenPGP keys of the profile.
+
+example
+-------
+
+Louise want to sign an item on her blog::
+
+  $ li pubsub signature sign -s louise@example.net -n urn:xmpp:microblog:0 -i about_feminism
+
+check
+=====
+
+Check validity of a signature found in attachments. For now, the attachments data JSON as
+found in attachments must be used, it is planned to make this command simpler in the close
+future.
+
+example
+-------
+
+Pierre wants to check that a blog post is really from Louise::
+
+  $ li pubsub signature check -s louise@example.net -n urn:xmpp:microblog:0 -i about_feminism '{"timestamp": 1667079677.0, "signers": ["louise@example.net"], "signature": "iQGzBAABCAAdFiEEeTqK7iUsJz97sLSEgjG1Of9Gvi0FAmNdnf0ACgkQgjG1Of9Gvi293Qv+IWe6gkaAPzGI6fis9yg9biSdFE9qf9oi+jyTiZuTR1QjjZYE7x+vsj3KewKBUMOyqxKMk1WVKmimDb3yCqfF852lEox3OQuBMP46G9UHDNII6D+oqe4VVWZhqe3s3twWYc08nrvAUH4tMI96xml4wuEk6Fv8PwBcNEEzX8zNwLYeY6tsR72XErBDn5oY06OGhZeLBn6FkUI1QZ3jT0djjH87CuH+9gOS6vEIpO+UnCqvB3aqxwhHIIOh5X9bUyEyxINb3kA6WpYumlc92vE8ROndPZGEni9OfouTjJL7+tUmcNz4RJdbEzBpETtzJ4B3r/kbJWKi5YDpZZOI1k/W/eKXFIg6Aycc0iG/THSEwvYMFGrmyQYosdC+mbjSE4DvYE1aSHOLW3ut5kNuDqLH17/kyOh+VoR4FAkRtGoa34sQN2jaRG8m/Gl+98Ha67k8OisnrHOx7FKGGcrpEp+BCUgvNP0IRFCz26xSaZ6aXK2SQkcvlbVXf6o0BkE5Hwcn"}'